Linux

As one of the most interesting patch series sent over by an Oracle developer in quite a while at least on the virtualization front, a "request for comments" series was sent out on Wednesday that would enable the Linux Kernel-based Virtual Machine (KVM) to be able to boot Xen HVM guests.

The 39 patches touching surprisingly just over three thousand lines of code allow for Linux's KVM to run unmodified Xen HVM images as well as development/testing of Xen guests and Xen para-virtualized drivers. This approach is different from other efforts in the past of tighter Xen+KVM integration.

Machines have a trust problem — particularly autonomous machines deployed in safety-critical scenarios, like industrial robots and driverless cars. In a pair of surveys published by the American Automobile Association last January and by Gallup in May, 63 percent of people reported feeling afraid to ride in a fully self-driving vehicle and more than half said they’d never choose to ride in one. Moreover, in a report published by analysts at Pew in 2017, 70 percent of Americans said they were concerned about robots performing tasks currently handled by humans.

In an effort to allay those fears, the Linux Foundation today launched Enabling Linux in Safety Applications (ELISA), an open source project comprising tools intended to help companies build and certify Linux-based systems whose failure could result in loss of human life, significant property damage, or environmental damage. In partnership with British chip designer Arm, BMW, autonomous platforms company Kuka, Linutronix, and Toyota, ELISA will work with certification and standardization bodies in “multiple industries” to establish ways Linux can form the foundation of safety-critical systems across industries.

ELISA’s launch follows last year’s rollout of Automotive Grade Linux (AGL) 5.0, the newest version of a Linux Foundation project aimed at bringing open source technology to the automotive industry. Previous releases focused mainly on infotainment systems, but 5.0 introduced telematics and mapping solutions that allow OEMs to share mapping data generated by autonomous cars, in addition to offering improved security and a functional safety platform. Toyota and Amazon expressed early support; the former is using AGL in its 2018 Camry.

The LF Deep Learning Foundation (LF DL), a Linux Foundation that supports and sustains open source innovation in artificial intelligence (AI), machine learning (ML), and deep learning (DL), announces Ericsson has become the newest Premier Member. Ericsson, a global leader in delivering ICT solutions, has been at the forefront of communications technology for 140 years.

Ericsson has already begun contributing to the LF Deep Learning Foundation through the Acumos project, working with partners like AT&T, Orange and the broader community to solve complex problems surrounding 5G and IoT through AI and ML.

In addition to participating in LF DL, Ericsson is also a member of LF Networking, DPDK, the Cloud Native Computing Foundation and LF Edge Foundation. Ericsson is strongly committed to these future-forward technologies, and to that end the company has built a Global AI Accelerator focused on tackling the complex business problems of today and tomorrow.

Calico, which is now a Cloud Native Computing Foundation (CNCF) project, can be used on many clouds. It supports such common cloud APIs as Container Network Interface (CNI), OpenStack Neutron, and libnetwork. Besides Kubernetes, it can also be used with Docker, Mesos, and Rkt. You can natively deploy Calico on Amazon Web Services (AWS), Google Compute Engine, and the IBM Cloud. You can’t use Calico directly on Azure, but you can use Calico policies with the right network setup.

You can get started with Calico today. If you need help and support to get Calico into production, Tigera, Calico’s corporate backer, offers service level agreements (SLAs).

Chances are you might have already heard about its origins. But in this article exclusively dedicated to Tux, we are jotting down some interesting stories around the cute little fella with some info that might have gone unknown!

The first discussion about a mascot goes back to the early days of the Linux release, when Linus Torvalds shared his thoughts about choosing one that would gracefully be the torch-bearer of our beloved OS. That’s when many people dived in to contribute with their suggestions for the same.

The first email that cites the discussion of bringing in a Mascot goes back to 1996. It started with a hot debate about choosing creatures such as sharks or eagles which stopped the moment Linus mentioned that he was rather fond of penguins!

Best Linux Distros for Beginners. Some of you may disagree, others may have other distros they feel are better suited for newcomers and Linux beginners. That said, these four distros are my top picks based on factors such as ease of use, it’s reliable and hardware detection is solid.

Do you have other distros that you feel are better suited for new Linux users? Hit the comments below (YouTube or Patreon), tell me what you’re thinking makes a better choice and why.

Initially planned to ship in early 2019, the revolutionary Librem 5 mobile phone was delayed for April 2019, but now it suffered just one more delay due to the CPU choices the development team had to make to deliver a stable and reliable device that won't heat up or discharge too quickly.

Purism had to choose between the i.MX8M Quad or the i.MX8M Mini processors for their Librem 5 Linux-powered smartphone, but after many trials and errors they decided to go with the i.MX8M Quad CPU as manufacturer NXP recently released a new software stack solving all previous power consumption and heating issues.

STMicroelectronics announced its first Cortex-A SoC and first Linux- and Android-driven processor. The STM32MP1 SoC intends to ease the transition for developers moving from its STM32 microprocessor unit (MCU) family to more complex embedded systems. Development boards based on the SoC will be available in April.

Aimed at industrial, consumer, smart home, health, and wellness applications, the STM32MP1 features dual, 650MHz Cortex-A7 cores running a new “mainlined, open-sourced” OpenSTLinux distro with Yocto Project and OpenEmbedded underpinnings. There’s also a 209MHz Cortex-M4 chip with an FPU, MPU, and DSP instructions. The Cortex-M4 is supported by an enhanced version of ST’s STM32Cube development tools that support the Cortex-A7 cores in addition to the M4 (see below).

The Linux kernel supports a wide variety of filesystem types, many of which have not seen significant use — or maintenance — in many years. Developers in the openSUSE project have concluded that many of these filesystem types are, at this point, more useful to attackers than to openSUSE users and are proposing to blacklist many of them by default. Such changes can be controversial, but it's probably still fair to say that few people expected the massive discussion that resulted, covering everything from the number of OS/2 users to how openSUSE fits into the distribution marketplace.
On January 30, Martin Wilck started the discussion with a proposal to add a blacklist preventing the automatic loading of a set of kernel modules implementing (mostly) old filesystems. These include filesystems like JFS, Minix, cramfs, AFFS, and F2FS. For most of these, the logic is that the filesystems are essentially unused and the modules implementing them have seen little maintenance in recent decades. But those modules can still be automatically loaded if a user inserts a removable drive containing one of those filesystem types. There are a number of fuzz-testing efforts underway in the kernel community, but it seems relatively unlikely that any of them are targeting, say, FreeVxFS filesystem images. So it is not unreasonable to suspect that there just might be exploitable bugs in those modules. Preventing modules for ancient, unmaintained filesystems from automatically loading may thus protect some users against flash-drive attacks.

If there were to be a fight over a proposal like this, one would ordinarily expect it to be concerned with the specific list of unwelcome modules. But there was relatively little of that. One possible exception is F2FS, the presence of which raised some eyebrows since it is under active development, having received 44 changes in the 5.0 development cycle, for example. Interestingly, it turns out that openSUSE stopped shipping F2FS in September. While the filesystem is being actively developed, it seems that, with rare exceptions, nobody is actively backporting fixes, and the filesystem also lacks a mechanism to prevent an old F2FS implementation from being confused by a filesystem created by a newer version. Rather than deal with these issues, openSUSE decided to just drop the filesystem altogether. As it happens, the blacklist proposal looks likely to allow F2FS to return to the distribution since it can be blacklisted by default.

A lot of people probably remember the 1990s palmtop computers made by Psion fondly. The clamshell-design palmtops were pocketable, black and white, but had a working stylus and a fantastic tactile foldout QWERTY keyboard that you could type pretty substantial documents on or even write code with. A different company -- Planet Computers -- has now produced a spiritual successor to the old Psion palmtops called the Gemini PDA that is much like an old Psion but with the latest Android smartphone hardware in it and a virtually identical tactile keyboard. It can also dual boot to Linux (Debian, Ubuntu, Sailfish) alongside Android. The technical specs are a MediaTek deca-core processor, 4GB RAM, 64GB storage (plus microSD slot), 4G, 802.11c Wi-Fi, GPS, Bluetooth, eSIM support, and 4,220mAh battery. The screen measures in at 5.99-inches with a 2,160 x 1,080 (403ppi) resolution. The only thing missing seems to be the stylus -- but perhaps that would have complicated manufacturing of this niche-device in its first production run.

More in Tux Machines

today's leftovers

For those concerned that running Clear Linux means less available packages/bundles than the likes of Debian, Arch Linux, and Fedora with their immense collection of packaged software, Clear has a goal this year of increasing their upstream components available on the distribution by three times.
Intel Fellow Arjan van de Ven provided an update on their bundling state/changes for the distribution. In this update he shared that the Clear Linux team at Intel established a goal this year to have "three times more upstream components in the distro. That's a steep growth, and we want to do that with some basic direction and without reducing quality/etc. We have some folks figuring out what things are the most desired that we lack, so we can add those with most priority... but this is where again we more than welcome feedback."

You might think this annual poll would be fairly similar from year to year, from what distros we list to how people answer, but the results are wildly different from year to year.
(At the time of the creation of each poll, we pull the top 15 distributions according to DistroWatch over the past 12 months.)
Last year, the total votes tallied in at 15,574! And the winner was PCLinuxOS with Ubuntu a close second. Another interesting point is that in 2018, there were 950 votes for "other" and 122 comments compared to this year with only 367 votes for "other" and 69 comments.

Fedora operating system releases are (largely) time-based activity where a new base operating system (kernel, libraries, compilers) is built and tested against our Editions for functionality. This provides a new source for solutions to be built on. The base operating systems may continue to be maintained on the current 13 month life cycle — or services that extend that period may be provided in the future. A solution is never obligated to build against all currently maintained bases.

If you've lived through a major, natural disaster, you know that during the first few days you'll probably have to rely on a mental map, instead of using a smartphone as an extension of your brain. Where's the closest hospital with disaster care? What about shelters? Gas stations? And how many soft story buildings—with their propensity to collapse—will you have to zig-zag around to get there?
Trying to answer these questions after moving back to earthquake-prone San Francisco is why I started the Resiliency Maps project. The idea is to store information about assets, resources, and hazards in a given geographical area in a map that you can download and print out. The project contributes to and is powered by OpenStreetMap (OSM), and the project's entire toolkit is open source, ensuring that the maps will be available to anyone who wants to use them.

Drupal is the third most-widely used CMS behind WordPress and Joomla. With an estimated 3 percent to 4 percent of the world's billion-plus websites, that means Drupal runs tens of millions of sites. Critical flaws in any CMS are popular with hackers, because the vulnerabilities can be unleashed against large numbers of sites with a single, often-easy-to-write script.

Bradley Kuhn works for the Software Freedom Conservancy (SFC) and part of what that organization does is to think about the problems that software freedom may encounter in the future. SFC worries about what will happen with the four freedoms as things change in the world. One of those changes is already upon us: the Internet of Things (IoT) has become quite popular, but it has many dangers, he said. Copyleft can help; his talk is meant to show how.
It is still an open question in his mind whether the IoT is beneficial or not. But the "deep trouble" that we are in from IoT can be mitigated to some extent by copyleft licenses that are "regularly and fairly enforced". Copyleft is not the solution to all of the problems, all of the time—no idea, no matter how great, can be—but it can help with the dangers of IoT. That is what he hoped to convince attendees with his talk.
A joke that he had seen at least three times at the conference (and certainly before that as well) is that the "S" in IoT stands for security. As everyone knows by now, the IoT is not about security. He pointed to some recent incidents, including IoT baby monitors that were compromised by attackers in order to verbally threaten the parents. This is "scary stuff", he said.

Pat decided to update the Python 3 to version 3.7.2. This update from 3.6 to 3.7 broke binary compatibility and a lot of packages needed to be rebuilt in -current. But you all saw the ChangeLog.txt entry of course.
In my ‘ktown’ repository with Plasma5 packages, the same needed to happen. I have uploaded a set of recompiled packages already, so you can safely upgrade to the latest -current as long as you also upgrade to the latest ‘ktown’. Kudos to Pat for giving me advance warning so I could already start recompiling my own stuff before he uploaded his packages.

The KDE Community has just announced the wider integration of Matrix instant messaging into its communications infrastructure. There are instructions on the KDE Community Wiki as well.
So what’s the state of modern chat with KDE-FreeBSD?
The web client works pretty well in Falkon, the default browser in a KDE Plasma session on FreeBSD. I don’t like leaving browsers open for long periods of time, so I looked at the available desktop clients. Porting Quaternion to FreeBSD was dead simple. No compile warnings, nothing, just an hour of doing some boilerplate-ish things, figuring out which Qt components are needed, and doing a bunch of test builds. So that client is now available from official FreeBSD ports. The GTK-based client Fractal was already ported, so there’s choices available for native-desktop applications over the browser or Electron experience.

If you followed Kdenlive’s activity these last years, you know that we dedicated all our energy into a major code refactoring. During this period, which is not the most exciting since our first goal was to simply restore all the stable version’s features, we were extremely lucky to see new people joining the core team, and investing a lot of time in the project.
We are now considering to release the updated version in April, with KDE Applications 19.04. There are still a few rough edges and missing features (with many new ones added as well), but we think it now reached the point where it is possible to start working with it.

Preliminary Support Allows Linux KVM To Boot Xen HVM Guests

As one of the most interesting patch series sent over by an Oracle developer in quite a while at least on the virtualization front, a "request for comments" series was sent out on Wednesday that would enable the Linux Kernel-based Virtual Machine (KVM) to be able to boot Xen HVM guests.
The 39 patches touching surprisingly just over three thousand lines of code allow for Linux's KVM to run unmodified Xen HVM images as well as development/testing of Xen guests and Xen para-virtualized drivers. This approach is different from other efforts in the past of tighter Xen+KVM integration.

Servers: Kubernetes, SUSE Enterprise Storage and Microsoft/SAP

One of the questions I get asked quite often by people who are just starting or are simply not used to the “new” way things are done in IT is, “What is the cloud?” This, I think, is something you get many different answers to depending on who you ask. I like to think of it this way: The cloud is a grouping of resources (compute, storage, network) that are available to be used in a manner that makes them both highly available and scalable, either up or down, as needed. If I have an issue with a resource, I need to be able to replace that resource quickly — and this is where containers come in. They are lightweight, can be started quickly, and allow us to focus a container on a single job. Containers are also replaceable. If I have a DB container, for instance, there can’t be anything about it that makes it “special” so that when it is replaced, I do not lose operational capability.

As your data needs continue to expand, it’s important to have a storage solution that’s both scalable and easy to manage. That’s particularly true when you’re managing common gateway resources like iSCSI that provide interfaces to storage pools built in Ceph. In this white paper, you’ll see how to use the SUSE Enterprise Storage openATTIC management console to create RADOS block devices (RBDs), pools and iSCSI interfaces for use with Linux, Windows and VMware systems.